EN
keyboard_arrow_down
Choose a language:

100% of Cybersecurity audits conducted by PwC in 2021 show risks related to a lack of security in Active Directory management. ​

On average, PwC experts estimate that it takes two and a half years to conduct an Active Directory remediation plan within a large enterprise.

Identity and Access Management Monitoring is a mainstream Microsoft technology used by enterprises to manage user accounts and network access. Its central role makes it a prime target for hackers to gain access to sensitive information and potentially disrupt business operations. Most ransomware attacks rely on the compromise of privileged accounts and spy groups exploit Active Directory configuration flaws to access data or persistently penetrate corporate networks. Our Identity and Access Management Monitoring solution enables you to address these challenges.

LEARN MORE

Benefits of Identity and Access Management Monitoring

visibilitySecurity Monitoring

Continuous monitoring of changes in the security architecture of the Active Directory.

syncData collection

Automated collection of your server and workstation configurations.

done_allCompliance review

Review of the level of compliance of your Microsoft security environment with the ANSSI guide.

landscapeOverview

Holistic view of the risks in your Microsoft environment.

workPwC Expertise

Recognized expertise to help you prioritize the most critical and vulnerable areas of your IS and implement actionable remediation plans.

Identity and Access Management Monitoring differs from the others solutions of the market as it goes beyond in its technical analysis and really allows to solidify AD bases regarding good practices of security and recommended checks by the ANSII. Our tool can allow you to follow the evolution of your AD's remediation and keep pace with the changes that could alter the AD's level of maturity. Therefore, Identity and Access Management Monitoring allows you to keep control at all times of the context of your AD and manage the remediations treating identified vulnerabilities.

Jean-Bernard Rambaud, Partner Cyber Intelligence, PwC France et Maghreb

   

Pro Subscription
from 40,000€/year
  • Number of endpoints covered: 1,000
  • Number of domains covered: 1
  • Number of iterations (vulnerability assessment & remediation support): 1 / month
  • Remediation support workshops: 1 / month
  • Highlighting of AD bad practices (e.g. Privilege, AD Group)
  • Endpoint analysis (services, processes, scheduled tasks, drivers, AV, local administrators)
  • Analysis of compliance with the ANSSI guide
  • Remediation plan
  • Difference between the different reviews
  • Detailed report
Expert subscription
from 100,000€/year
  • Number of endpoints covered: 10,000
  • Number of domains covered: up to 10
  • Number of iterations (vulnerability assessment & remediation support): up to 3 / month
  • Remediation support workshops: up to 3 / month
  • Highlighting of AD bad practices (e.g. Privilege, AD Group)
  • Endpoint analysis (services, processes, scheduled tasks, drivers, AV, local administrators)
  • Analysis of compliance with the ANSSI guide
  • Remediation plan
  • Difference between the different reviews
  • Detailed report
  • Managerial report

Book a demo

The information collected during your visit to this site is protected by Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the "RGPD"), as well as by Law No. 78-17 of January 6, 1978 relating to information technology, files and freedoms, in its latest version in force. This information is also confidential, and is in no way intended to be distributed to third parties, particularly for commercial prospecting purposes. For more information, we invite you to consult our Privacy Policy. For more information, please visit www.pwc.com/structure

 

F.A.Q

How does the continuous monitoring of the Microsoft environment work?

Our teams use the ISARS tool to collect data on all the components of your environment (Active directory, Workstations, Servers). This information is then analyzed taking into account a set of security controls and best practices, including those promulgated by the ANSSI. Once the analysis is done, our teams sort, analyze and prioritize the results in order to provide you with clear and actionable recommendations, and assist your operational teams in the implementation of remediation actions.

Do you have any examples of security checks performed?
For example, our tool performs the following checks:
  • Ensure that the last accounts created on the domain have been validated and archived
  • Review the password policy and ensure that it complies with best practices
  • Ensure that accounts not used for at least 90 days are disabled or deleted
  • Review whether network shares are readable and writable by everyone and whether they contain potentially risky data
  • Ensure that passwords are not trivial
  • Ensure that all computers have an up-to-date and active antivirus program
What types of data are collected to monitor your Active Directory?
Our tool collects the following data in particular:
  • Antivirus/EDR deployment status
  • User account information
  • Security patches deployment level
  • Network interface information
  • The level of strength of passwords
  • Access to network shares

Related publications

These products might interest you